Solved

How does a signed Applet read a file ?

Posted on 1997-12-17
3
223 Views
Last Modified: 2006-11-17
I have a signed applet that should read a file.
I used the privilegManager to ask for "UniversalFileAccess"
and then the security Window pops up, I grant the access and
try to open a file ( just READ ) butI still get the Security Exception.
If I try this from a different computer ( not at home ) then
I don't even get the Security Window asking for File Access.

My site is located at:
http://www.darmstadt.gmd.de/~petersil/diplom/indexb.html

There you have to press the eject/insert button

I will place the source code there too soon.
0
Comment
Question by:experte
  • 2
3 Comments
 
LVL 1

Accepted Solution

by:
biged040597 earned 100 total points
ID: 1231675
Hi,

I've had the same problem, I guess at least. When using NN4.03 + JDK 1.1 patch you should turn off your class path. Any calls to methods in classes found in the classpath that try to do some privileged stuff will throw an exception.

Just disable the path or get rid of the local classfiles and the problem should be fixed

Hope this helps,
biged.
0
 

Author Comment

by:experte
ID: 1231676
Hi Biged !

This was an interesting answer !

O.K. I REMarked the "SET Classpath....." line in my autoexec.bat file and tried it again.
First I opened the NC 4.02 and opened my index.html on my local computer that holds the
applet. And... it worked ! The applet could open and read a local file on my computer !

Now I went online ! That is, I start AOL and then choose "Go online" with NC 4.02.
I went to my site:

www.darmstadt.gmd.de/~petersil/diplom/indexb.html

that holds exactly the same html file with the signed applet. First the Java Security Window
pops up, because of the java code where I ask for more Privileges
"......
                 try {
                    PrivilegeManager.enablePrivilege("UniversalFileAccess");
                 }
......."
I GRANT the request, but when open the file I get the same message:
"
# Security Exception: checkread:Read of 'F:\diplom\mpegrefvis\Qspal.mpg' not permitted
# Applet exception: security.checkread: Read of 'F:\diplom\mpegrefvis\Qspal.mpg' not permitted
netscape.security.AppletSecurityException: security.checkread: Read of 'F:\diplom\mpegrefvis\Qspal.mpg' not permitted
#  UniversalFileRead privilege not enabled: Reading files stored in your computer
java.io.IOException: CreateProcess: vcafe -netscape error=0
"
and the applet can NOT read the file.

Funy is, that if I use a different computer and start nc 4.02 and look at the site, there is
NO Java Security Window showing up !!!????? The Java console says that the Issuer of my
Certificate is not known on the actual system.

What I wanted to know was, how does the "right" way works ? What steps do I have to
do,  so that my applet ( that I signed with zigbert ) located on a server, can read files
on a local computer from the user that visits my site and starts the applet.
What is important in the Java source code ? Why does the Java Security Window does not
pop up on a different computer when visiting my URL ?

Hope you can send me some infos !

Guido
0
 
LVL 1

Expert Comment

by:biged040597
ID: 1231677
Hi Guido,

I have never signed a JAR file for Netscape. Since we're still in the debugging phase at the current project I use codebase prinicipals, i.e. I added user_pref("signed.applets.codebase_principal_support", true);
to my prefs.js.

This way you can use the netscape.privilege package without signing the applet.

I advise you to get the latest JDK patch for Netscape and the netscape.security package. This solved a lot of problems for me, mostly concerning AWT but who knows how many bugs Netscape can put in their VM implementation.

Apart from that, make sure that you also put the netscape.security package on the web with your applet since that way you can be sure everyone who starts the applet will use the  netscape.security package you expect.

Furthermore, you are using a macro target "UniversalFileAccess". Maybe you should first try to enable the "UniversalFileRead" target , and check afterwards if grant was succesfull. Something like this:

if (System.getProperty("java.vendor").toString().charAt(0)=='N') {
pm = PrivilegeManager.getPrivilegeManager();          pm.enablePrivilege("UniversalFileRead");
try {            
pm.checkPrivilegeGranted("UniversalFileRead");
} catch (ForbiddenTargetException e) {
// privilege is not currently granted
 System.out.println(e.toString());
}

Note that you must call PrivilegeManager.getPrivilegeManager(); before using the static methods. (from the dox:
While you can construct your own instance of this class, it won't do you any good to add privileges to your code. Instead, you should call PrivilegeManager.getPrivilegeManager())

You could also try the parameterized Targets : FileRead (from the dox:
if you only want read access to a handful of files, you can pass the file name as the "data" field to enablePrivilege        
)

It's not a cut and dry solution to your problem but when 2 browsers act differently running an applet it is always a bitch to find what's wrong.

Greets,
biged.
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Suggested Solutions

Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Introduction Java can be integrated with native programs using an interface called JNI(Java Native Interface). Native programs are programs which can directly run on the processor. JNI is simply a naming and calling convention so that the JVM (Java…
Viewers learn about the third conditional statement “else if” and use it in an example program. Then additional information about conditional statements is provided, covering the topic thoroughly. Viewers learn about the third conditional statement …
Viewers learn about the “while” loop and how to utilize it correctly in Java. Additionally, viewers begin exploring how to include conditional statements within a while loop and avoid an endless loop. Define While Loop: Basic Example: Explanatio…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now